Advanced Cybersecurity - 0 امنیت دیجیتال PDF

:
http://www.tavaana.org
h t t p : / / w w w. e c i v i c e d . o r g

E-Collaborative for Civic Education
:
E-Collaborative for Civic Education 2012
)ECCE) E-Collaborative for Civic Education

501c3

.

.

.
ECCE
.

.
ECCE :
2010 .
.

.

.

.

.

.

.
.

19
35
45
81
65
:
:
Smartphone
95
111
121
129

.

.

.
.

.

.
.
.

w w w. t a v a a n a . o r g
.

:
http://www.youtube.com/user/tavaana2010

. ( )1 1822
ARPA . 22:30 29 1969 L O
ARPANET - ( )UCLA
:
ARPANET
()2
?Do you see the L

Yes, we see the L, came the response.
?We typed the O, and we asked Do you see the O
Yes, we see the O
10

.

:
2020
.
24
ABC NBC CBS .
50 5 13
38 .
210 80 . Spam.
Flickr .
:
.
50 . .
48 47 .
8 .

.
2006 .
95 .
( . )2012
18
2006 2011 .
23
.

.
.
11
12

.

Cap'n Crunch .
2600 AT&T )3(.
.
Kevin Mitnick
( ) :
.1 12

. :
...
.
.2 16
DEC
.
.3 Motorola NEC Nokia Sun Microsystems Fujitsu
()4
Siemens IBM .
Gary McKinnon
-
. 97
13 2001 2002
Solo .
() ( )
.
.
13

...
()5
( )

14
cyber bullying

1388
.
.
.
.
. .
.
IP
.
.
Kenzero .

.
1500 !
.
OSX.Trojan.iServices.B
. ()Port

.

.
.
99 .

Win 7 Anti-Spyware 2011 .
.
15

.
.doc .docx .
1390

. .
.doc
.
.
PayPal
.

.

.
. ( Phishing)

.
.

...
.
. :
.
.
.
Gh0st Rat .

.
16

:
.1
.
2009 AT&T
.
. AT&T
.
2011 75

.
.
25 2011

.

.

.
.2
.

.
A large scale denial of service attack

.
Comodo
Diginotar
.

.
.3 ()
.
17
. .
.

. .
.
.
.
. ( )Application
.

.
. .
.1
:
http://www.livinginternet.com/i/ii_rand.htm
.2 :1822
http://www.bitsavers.org/pdf/bbn/imp/BBN1822_Jan1976.pdf
.3 : Cap'n Crunch
.4 : Kevin Mitnick
http://www.webcrunchers.com/
http://news.cnet.com/8301-1009_3-9995253-83.html
.5 :
. :
http://foreignaffairs.house.gov/112/Fis041511.pdf
. :
http://graphics.thomsonreuters.com/11/04/CyberEspionage.pdf
. :
http://www.symantec.com/avcenter/reference/cyberterrorism.pdf
18
: .
http://www.mcafee.com/us/resources/reports/rp-good-decade-for-cybercrime.pdf
: .
http://www.cbsnews.com/htdocs/pdf/Cyberbullying_Pages_128_132.pdf
: .
http://www.mcafee.com/us/resources/white-papers/wp-cybercrime-hactivism.pdf

.

.

.

.
20
:
( )Social Engineering

(
) :iOS

1990 .
. 1990
packet spoofing 2000
( DDoS )Distributed Denial of Service
.
.
Packet spoofing
Hijacking sessions
Automated probes/scans
GUI intruder tools
Automated widespread attacks
Widespread denial of service attacks
executable code attacks - browsers
Techniques to analyze code for vulnerabilities without source code
Widespread attack on DNS infrastructure
Widespread attacks using NNTP to distribute attack
Stealth/advanced scanning techniques
E-mail propagation of malicious code
Increase wide-scale Trojan horse distribution
Distributed attack tools
DDoS attacks
Home users targeted
Anti forensic techniques
Increase in worms
Sophisticated command and control
Dummies .
1990
2012
Source: SE/CERT CC
21
:
.

. .

.

.

.
.

:

. .

.

.
.

.
Password
.
.

1. Social Engineering
22

.

.

:
.

.
.
.
.

Crack
.
.
23

.
.

. .
2004 .

.
.

.
.

.

.
. 2010
.

.
.

419 :
- -
.
50 .
24
:
:
----- Forwarded Message ----From: U.S. Department of State <dv@greencard-org.com>
To: XXX
Sent: Tuesday, September 6, 2011 3:04 PM
Subject: U.S. Department of State - United States Permanent Resident Card for XXX
Your registered name XXX is included to show this message originated from U.S. Department of State. U.S. Department of State notifies XXX of being selected as a winner of the Diversity Visa program.
Dear XXX, You are one of the 50,000 winners selected by the computer random draw from
the 12.1 million entries registered in the Diversity Immigrant Visa Program . The Diversity Immigrant Visa program is a United States congressionally-mandated lottery program for receiving
a United States Permanent Resident Card. It is also known as the Green Card Lottery.
Processing fees
Type of Residence Card Status Amount (per person) United States Permanent Resident Card
Granted! - Waiting for payment of processing fee $879 Processing fees Included Total $879
Although the Diversity Visa participation was free, the law and regulations require to every
diversity visa winner to pay a visa processing fee of $879. The Diversity Visa(Green Card) is
guaranteed upon receiving the payment.
The per person fee for each Diversity Visa is $879, payable in U.S. dollars or equivalent of
your local currency. This $879 fee is the only fee a winner needs to pay throughout the entire
relocation process.
Accompanying family members(wife/husband, fiancee, brothers, sisters, childrens, cousins)
may be included in the program and their visas will be provided at the same time with yours so
you can travel/move together in the same time. However the fees must be paid per person and
each member(e.g wife, brother, parents, childrens, cousin) must pay $879. There is no discount
for childrens.
Please note that you are allowed to take with you as many family members you want. However for each person you must pay an additional amount of U.S $879
For example if you decide to move in the United States with your wife and a kid the total fee
is US$879(your fee) + US$879(your wife) + US$879(your kid) = US$2637.
879
- .
. - ...

.
.

. .
25
.
.

.

.

.
: :

.
:
1380!
.
:
! .
.

:
:
.
8 ...
.
.
: .

... .
:
26
(
)
.
:
. .

.
.

:

.
.

. .
Gmail

.
Off the Record
.

.

.
.

27

.
-
.
.
.
.
.
.

.

.

.
( )Security Questions and Password hint

. .
.
Spoofing Sniffing
.
Sniffing
. Sniffing Sniffer

. Wireshark .

1. Packet spoofing
28
Ethernet sniffer Wireless sniffer

.
:Spoofing header
Spoofing

.

.
:
http://www.cis.syr.edu/~wedu/seed/Labs/Sniffing_Spoofing/Sniffing_Spoofing.pdf

.
1. Session Hijacking
29

:
.
.
.
.
. .
word attach
.
cookies .

.

.
.
: .

1. Denial of service attacks
30
.
5000 50

DDoS . Distributed denial-of-service attacks

.
:
1388
http://pagereboot.com/
Pagereboot .

request .
: request

.
2000 Mafiaboy
DDoS .
CNN Ebay Amazon Dell DDoS
. ( )Anonymous
.
31
DDoS
:
DDoS .
DDoS
.
DDoS
.

. Bot herder
Bot master
( )Zombie .

:
.
.

.
.
( )2007 ( )2008
DDoS
.
.

.

.
: :

1. Denial of service attacks using Botnets
32

.

!
.

.
:

.
Exploit pack
.
.

.
.
Exploit pack .
trendmicro
:
botnet 700 :
: botnet 2
( botnet)
400 :
10 : 1
292 :
116 :
130 :
500 :
1. Exploit packs
33
DDoS : 30 70 1200
150 :
Exploit pack

.
Exploit pack .
. Adobe Acrobat
.
Exploit pack KeyLogger
.
username password .
Exploit pack .
Exploit pack
Exploit .
Exploit pack
.

Exploit :
.
Exploit pack
Patch .
Secure DNS Comodo
Exploit
.
Aladel.net 56371 .

:

.
.

2010 .
1. Malwares
36
:

.

11/73 .

:
Virus :
.
...
Worm :
.
Trojan :

.
Rootkit :

.
Scare-ware :

.
Spyware :
.
.
Botnet
.

.
Spam :

.
37
:
()Trojan Horse
()Logic Bomb
()Back Door
()Virus
()Worm
()Rabbit
()Spyware
()Adware
()Hybrid, Dropper, Blended threat
()Zombie
()Trojan Horse
.
.

.
( )crack
.
.

.
( .EXE )

.

:
http://trojanwatch.org/wp-content/uploads/2011/11/trojans.png
()Logic Bomb

24 2010
.
38
()Back Door

.
:

.
()Virus
1980
.
:

.
.com .exe .bin

.

.
:
Sircam 2001, Nimda 2001, Magistr 2001, Melissa 1999, Mydoom 2004,
CIH Chernobyl 2001.

. ( )Update
.
.
. .
( )Load

.

. .
.

39
.
.
http://hackingtools.co.in/25-most-famous-computer-viruses-infographic/
10
:
http://www.popsci.com/scitech/gallery/2009-04/top-10-computer-viruses
()Worm
.

.

:
Anna Kournikova worm 2001, Klez worm 2001, Explorer worm 1999, Bad Benjamin
worm 2002, Loveletter worm 2000, Sasser worm 2004, Blaster worm 2003, Sobig worm
2003.

.
:
http://www.dw.de/dw/article/0,,15343414,00.html
http://youtu.be/scNkLWV7jSw

:
http://www.webopedia.com/DidYouKnow/Internet/2004/virus.asp
()Rabbit

.
.
. ..
.
.
40

.
()Spyware

.
.

.
Keylogger
.

.
.
.
:
http://www.infospyware.net/blog/where-does-your-malware-come-from/
()Adware

.
Spyware .
.

.
()Hybrid, Dropper, Blended threat
41
Dropper

.
Blanded Threat
.
()Zombie

. ( )Spam
( )distributed denial-of-service attack - DDoS attack.

. 2007

DDoS .

. :
http://www.axleration.com/inside-the-malware-business-infographic/
42
1986
Brain
1987
Stoned
1990
Form
1991
Michelangelo
1992
VCL
1994
Monkey
1995
Concept
1999
Happy99
1999
Melissa
2001
Code Red
attachment

2000
Love Letter
Bank of America 911

2003
Slammer
2003
Sobig
2003
Fizzer
2003
Cabir
2004
MyDoom
2004
Sasser
2004
SdBOT
2005
Haxdoor
SONY BMG
2006
Sony Rootkit
2007
Mebroot

p2p
Kazaa
43
2007
StormWorm
3D-Anti
Terrorist
2008
Conficker
2010
Stuxnet
1000

. :
http://www.symantec.com/content/en/us/enterprise/media/security_response/
whitepapers/w32_stuxnet_dossier.pdf
46

MyPassword Ty@N14_B Shiva1363 Tehran1234
.

. .

.
.

.
Log out
.
:
.
.

:
Amir_Tafreshi@gmail.com
Amir.Tafreshi@gmail.com
Amr_Trfs@gmail.com

Trash .
( )intimate
.
.

( )2 step verification .
.

:
http://googlepersianblog.blogspot.com/
_http://www.radiofarda.com/content/f7_commentary_over_making_gmail_more
secure/24324496.html
47

.1 attachment .
attachment
attachment .
.2
SSL :

( ):
:
http://googlepersianblog.blogspot.com/2011/12/blog-post.html
http://www.youtube.com/embed/GtcVjOWHg9E?cc_load_policy=1&cc_lang_pref=fa
http://googlepersianblog.blogspot.com/2012/01/gmail.html
HTTPS .
.
.
:
48

:
http://lifehacker.com/5876541/use-this-infographic-to-pick-a-good-strong-password

:
https://www.azadcyber.info/articles/2429

:
http://protectme.webroot.com/wp-content/themes/webroot/images/passwordinfographic.png
Thunderbird
(
)...
Thunderbird .
PGP Thunderbird
.

. :
http://lifehacker.com/180878/how-to-encrypt-your-email
.
.
https://security.ngoinabox.org/en/thuderbird_encryption

.
( )
.
KeePass . :
http://keepass.info/
49
.
:
http://lifehacker.com/5042616/five-best-password-managers
: CCleaner
.
.
:
USB . mp3
. . Recuva
.
CCleaner
Trendmicro :

.
.
50
: Pidgin

.
.
SSL .
Pidgin OTR :

:
http://www.cypherpunks.ca/otr/
51
http://pidgin.im/download/

.
( )...
.

.

:
http://lifehacker.com/356291/ten-must+have-plug+ins-to-power-up-pidgin
()Browsers

( )malware.
.
:
.1
malware !Warning: Something's Not Right Here
phishing !Warning: Suspected phishing site
Sandboxing .2
XSS
Tab
Tab .
Sandboxing
.
52
Auto Update .3

.
.
()Anti Phishing
48 .
google safe browsing .
.
.
:
53
SmartScreen technology
9 Win. Vista Win. 7
. URL
click-jacking
( cross-site scripting
) .
.
54
automatic crash recovery .

9
:
http://www.microsoft.com/en-gb/security/pc-security/ie9.aspx
9
.

cache .
. Gmail
.

:
Internet Explorer InPrivate
Mozilla Firefox Private Browsing
Google Chrome Incognito
Safari Private Browsing
Silverlight Flash

Adobe 10 Privacy mode
.
55
HTTPS Everywhere
HTTPS
. HTTPS

.
HTTPS .
HTTPS Everywhere
EFF HTTPS
.
( )
:
56
Adobe
Adobe
Acrobat
.
Adobe
.

2 2008 28
2010 .
.

. Adobe
.
Flash Player

.
.
57
:
uninstall
.
.
no-script
incognito
Zozzle .
(Cross-site scripting (XSS
Cross-site scripting
.
Cross-site scripting :

.

58

.

.

Cross-site scripting . Cross-site scripting

.

.
XSS
.1 incognito private .
.2 Java NotScripts
.
.3 .
.4
https://www.google.com/ https://www.googles.com/
.
.5 .
. Cache .
.
Comodo Secure DNS
: Comodo Secure DNS

Comodo Secure DNS

.
Comodo Secure DNS
. Comodo Secure DNS
Comodo Secure DNS
:

59

Comodo Secure DNS
.
ISP DNS
Large scale DNS Cache Poisoning . Comodo Secure DNS
.
Comodo Secure DNS DNS
:
Preferred DNS server address for Comodo Secure DNS is: 8.26.56.26
Alternate DNS server address for Comodo Secure DNS is: 8.20.247.20
TCP/IP
Router
Router .
DNS :
Windows Vista Instructions
Windows XP Instructions
Mac OS X Instructions
Router Instructions

patch
.
60
Secunia
.
Winzip Rar Real Player
.
.

( )Software ( )Firmware
. Windows Update
.
Secunia
http://secunia.com/vulnerability_scanning
.
:

Secunia OSI PSI
. ( )OSI
Secunia . ( )PSI
.
61
62
Cloud Computing

.
.
Outlook

. Google Docs
Microsoft Office
Office 365 .
Google Docs :
http://www.youtube.com/watch?v=qo-ZrbrAhDI
:
. .
.
.

.
Dropbox . Dropbox TrueCrypt
.
Backup
.
http://en.wikipedia.org/wiki/List_of_online_backup_services
63
USB Drive

.
BitLocker to Go .TrueCrypt
Ironkey
.
.
.
Autorun .

.
TrueCrypt
TrueCrypt
. TrueCrypt
.
64
TrueCrypt
: .
http://www.tafreevar.com/2603/truecrypt-safe-place-critical-information

.
SQL injection
Cross-Site Scripting (XSS)
HTTP Response Splitting
Open Redirect
Command Injection
Code Injection
Directory Traversal
XPATH Injection
LDAP injection
Forced Browsing
Blind SQL Injection
http://www.imperva.com/docs/HII_An_Anatomy_of_a_SQL_Injection_Attack_
SQLi.pdf
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_
Sheet
http://vimeo.com/28268598
http://www.slideshare.net/eoftedal/avoiding-cross-site-scripting-not-as-easy-as-youmight-think
http://www.slideshare.net/fmavituna/how-to-detect-xss
http://resources.infosecinstitute.com/http-response-splitting-attack/
http://www.slideshare.net/innotech_conference/owasptop-10
http://www.acunetix.com/websitesecurity/cross-site-scripting.htm
http://www.cgisecurity.com/xss-faq.html
http://www.net-security.org/dl/articles/Javascript_malware.pdf
http://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/
bh-eu-08-alonso-parada-WP.pdf
http://www.acunetix.com/websitesecurity/directory-traversal.htm

.
.
.

.
.

. :
.1 Panda Active Scan Panda Security
http://www.pandasecurity.com/homeusers/solutions/
activescan/
66
Microsoft Microsoft Safety Scanner .2
http://www.microsoft.com/security/scanner/en-us/default.aspx :
Bitdefender Online Bitdefender .3
http://www.bitdefender.com/scanner/online/free.html :
67
Computer Associates Malware Scanner .4

.
http://cainternetsecurity.net/entscanner/ :
Eset.com ESET .5
http://www.eset.com/us/online-scanner/ :
68
TrendMicro housecall .6
http://housecall.trendmicro.com/ :
F-Secure online scanner .7

. Active X
http://www.f-secure.com/en/web/labs_global/removal/ :
69
99 .
.

Rogue security softwareRogue security software .

.

. :
http://en.wikipedia.org/wiki/Rogue_security_software

.
.

.1 comodo free internet security
.
:
http://www.comodo.com/home/internet-security/free-internet-security.php
70
.2 Malwarebytes
:
http://www.malwarebytes.org/
.3 Avast! Free Antivirus

:
http://www.avast.com/free-antivirus-download
71
.4 Microsoft Security Essentials

:
http://windows.microsoft.com/en-GB/windows/products/security-essentials
.5 AVG Free
.
:
http://free.avg.com
72
.6 Avira
:
http://www.avira.com/en/avira-free-antivirus
.7 Adware Free Lavasoft

:
http://www.lavasoft.com/products/ad_aware_free.php
73
panda security Panda Cloud Antivirus Free Edition .8

:
http://www.cloudantivirus.com/en/
Symantec Norton Power Eraser .9
http://security.symantec.com/nbrt/npe.aspx?
74
:
aggressive

.
.

.
.
restart
.
.10
Spyware Doctor . :
http://www.pctools.com/forum/showthread.php?69406-2012-Release-PC-ToolsSpyware-Doctor-and-PC-Tools-Spyware-Doctor-with-AntiVirus-v9
75

.
.
.
Defense+
Comodo Internet Security
.
.

. Restart

.
.
.

.

.
.

.

write protect .
CD
rewrite .
install.
Spybot - Search & Destroy
Spybot - Search & Destroy .

http://www.safer-networking.org/en/download
.
76
http://download.cnet.com .

() .
:
Fix selected problems .

resident
77
.

Comodo Internet Security
Comodo Comodo
.
.
.
Firewall AntiVirus .Defence+
Defence+
( )Paranoid .

. Defence+
.

.
78
()Rogue security software
( )Open Source
.
Symantec McAfee Kaspersky
.

Cache
.
( )Rogue security software :
http://en.wikipedia.org/wiki/Rogue_security_software
:

.

P2P

Microsoft Security Essentials Trend Micro House Call
.

.

Comodo AVG Avira Trend Micro .
Spybot S&D .

.
15
.
79
Botnet

( )Botnet .
12 .
.

:

( )2006 ()2007
DDoS

:
http://www.geekosystem.com/botnet-infographic/
http://blog.trendmicro.com/big-botnet-busts/

:
http://www.thewindowsclub.com/infographic-botnets-demystyfied-and-explained
2009 Ghostnet .
1300 103

.
.
.

.
RUBotted
:
http://free.antivirus.com/rubotted

Cache .
80
Norton Antibot Symantec

:
25
.

.

2009
:
.1 :
.
Godaddy Wordpress.com.
.2 :

.
Deep Packet Inspection .

82
( )2009
6 .
(
).
.3 : Keyword
women woman girl Mousavi Moosavi
.
.4 :
80 TCP
HTTP .
FTP . VOIP Skype
.
HTTPS : .SSH
.5 ( :)Shallow Packet Inspection
( )DPI
. SPI

.
.
.6 ( :)Fingerprint Inspection
.

.
.
.7 Deep Packet Inspection

encrypted .

.

peer peer

83

Wordpress .Blogspot

.

.
RSS
..
. ..
.
( )Subscribe Google Reader
.
.
.. .
.. .

. :
http://www.google.com/reader

.

.

.
Reader Sharer :
https://chrome.google.com/webstore/detail/gmgmcmhmodidojodfoekpbjnejlhcbpb
Reader Sharer Monkey :
http://userscripts.org/scripts/show/117034
Greasemonkey .
84
VPN
VPN
.
VPN L2tp PPTP
. IPsec

.PPTP-L2TP/IPSEC-SSTP-SSH-SSL-socks5 :
VPN
.

:
Your-freedom
Your-freedom http://www.Your-freedom.net/
https:// .
Your-freedom Your-freedom .
Your-freedom Your-freedom
:
Your-freedom OpenVpn .
:
http://www.your-freedom.net/index.php?id=175
85
Your Freedom
:
JonDo
Your Freedom JonDo

.

.
:
https://addons.mozilla.org/en-US/firefox/addon/access-freeneti/
86
()Psiphon
Psiphon3 VPN
Psiphon3.
Psiphon :
https://s3.amazonaws.com/f58p-mqce-k1yj/psiphon3.exe
Psiphone
.
Ultrareach

.
:
http://ultrasurf.us/

.

:

87
.

.
:

Exit .
()Freegate

.
Download.com Freegate
.
fg680f.exe
:
88
Status
.

( )127.0.0.1:8580 .

.
89
Tunnel . F3
SSL :
Setting .

.

.
90
Gpass
.

.

Socks Direct.
:
http://gpass1.com
http://gpass1.com/help-fa
.
Download.com .

.

:
91
Gtunnel
.
.
http://gardennetworks.org/download .
:
92
G .
.
()TOR
.

.

Tor Vidalia Torbutton Polipo .
:
http://www.torproject.org/docs/tor-doc-windows.html.en
:
.
.
Torbutton .

RealPlayer QuickTime .
. .
.
.
.
.
93
.

Torculler .
.

.
.
Paperbus
Paperbus
. Paperbus 7 :
http://www.paperb.us/#download
Paperbus
. Paperbus
.
94
ASProxy Wing
( ) .
:
()Hotspotshield

.

.

. :
http://hotspotshield.com
( )
:

.
20 .
600 .
1. Social networking
96

: :
Its finally holiday time again! I'm on my way to Palm Springs...

15
35 18 34 .

Google Street View .

.
.
.
https .
.
Log out.
Temporary file .

.
.
facebook.com/security :
: Login
. SSL .
( : ID verification )

.
: Social Authentication

.
: One Time Passwords

.

:
( : Login Approvals
)

.
.

.
97
98
: Session Classifier
.

.
: User Action Classifier

.
150

.
: Link Scanner

.
: Photo DNA DNA

.
.

.
: Self XSS

.
: Clickjacking Domain Reputation System

.
: Application Classifier

.
: Suspected Hacking

.
99
100
: Remote Logout

LogOut .

.
: Guardian Angels

.
: Login Notifications

notifications .
: Roadblock
.

.
101

:
http://blog.commtouch.com/cafe/web-security/infographic-facebook-attacksin-2011/

. ( )2009 ( )2010 ( )2011
.

.

:
Impersonation

.
.
: 1390
.
.

.
provocateur
.
102

.
.
25
.
.

.
:
.1 https .
.2

SMS .
.3 .
103
.4 .

.
.
.
.5 .

.
.
.
.6 .
.

.
.7 .
.

.
.8 .
104
.9 Third Party Application

. .
.
105
.10
. .
.11
.
.
.12 Ralationship status .
.13 .
.14 Wall Wall

.
.15 social ads .

.16
.
106
.

.
:
http://blog.trendmicro.com/the-geography-of-social-media-threats

.
.
.
:

.
.
:
()Google+

:

https://plus.google.com/settings/privacy .
107

.

. :
https://plus.google.com/settings/exportdata

.
.
.

:
108
HTTPS

. :

HTTPS
.
. HTTPS
.

Tweetwipe
.
http://twitwipe.com/ :

( )HootSuite .
.
http://hootsuite.com
.
109

.
.

.

.
.
Smartphone

.

.

.

.

.
112

.
.
.
.
.

.
review
.
.
.
JailBreak
.
Cydia
.
.
.
WiFi .
WiFi Adhoc
.

. :
Smartphone
113

(
)
.

.

.
:
55
44
.
:
Norton Mobile Security

Lookout Antivirus
DroidSecurity Anti virus
AppScan
.

.

.
114

.

( )SMS ( )MMS
.

Skype
Facebook
.
IM+ Google Talk Facebook Skype Twitter
Jabber MSN Yahoo! ICQ AIM MySpace Iphone Android
Blackberry Windows mobile Symbian.
Fring IM+ Iphone
Ovi .

:
http://mashable.com/2011/08/12/mobile-malware/
Smartphone
115
.
.

.
.

.

:
http://www.theatlantic.com/technology/archive/2011/09/infographic-protectyourself-from-the-threat-of-mobile-malware/243998/

.
. .
.

.

.
.
.
wipe CCleaner . CCleaner
.

Message Box .
.

.
.1 SIM PIN Phone Security Code .

116
. N97
:
.

. IMEI #06#*
.

Theft Aware GadgetTrak Find my iPhone & iPad iOS .
.2 ( )Backup
wipe wipe .
. Zeros
Pseudorandom data US DoD 5220.22-M (E) US DoD 5220.22-M (ECE) Gutmann
Royal Canadian Mounted Police DSX
. Wipe Free Space
http://wipefreespace.sourceforge.net/ .

GSM .
. VOIP
GPRS
Smartphone
117
.
.
ENCRYPTED CELL PHONE .

.
.1
. .

.
.2 .
Accsess point DNS
.
.
.3 DECT
. .
.4
.
. .
Backup .
118
.
.
Fontal.a MMS MMS

. MMS
.
worm
worm, parasitic virus
worm
parasitic virus
parasitic virus
Trojan backdoor
Trojan
Trojan
Trojan + Worms
Trojan + Worms
Trojan
Trojan
Trojan
Trojan
Trojan
Trojan with worm
Trojan with other trojan
Trojan
Trojan
Trojan with worm
Trojan with worm
Trojan
Trojan
Worm
Trojan
Cabir.a
velasco
Commwarrior a,b,c
mabir.a
Duts.a
Brador.a
Mosquito.a
Skulls.a
CabirDropper.a
MGDropper.a
Dampig
Locknut.b
rever.a
Fontal.a
Hobbes.a
Nameoomboot.a
Onehop.a
Blankfont.a
Fontal.c
Nameoomboot.c
Nameoomboot.d
AppDisabler.a
Cardtrap.d
Caribe
Trojan_Mos
Smartphone
119

4 3 5
SSL MITM
.
.

Diginotar .

.

.
.
:
.1 .
.2 .
.3
.
.4 .

. .
.
.

.
122

.

.
:

.

.

.

.

.

.
:

CD DVD
SIM CARD MicroSD
.

Panda USB Vaccine

MicroSD
123
Panda USB Vaccine

Autorun .
.

TrueCrypt
TrueCrypt
124
. TrueCrypt
.
TrueCrypt
.

Cloud Computing
.
Outlook

. Google Docs
Microsoft Office .
Office 365 .
Google Docs :
http://www.youtube.com/watch?v=qo-ZrbrAhDI
:
: .
:
.

.
125
Dropbox . Dropbox TrueCrypt

.
Backup
.
http://en.wikipedia.org/wiki/List_of_online_backup_services

Recuva1
recuva
.
... .

.

.
USB
.
.
1. www.piriform.com/recuva
126

CCleaner1
CCleaner
. wipe.

.
CCleaner.

.
.
CCleaner

.
1. www.piriform.com/ccleaner
127
Defrag
Smart Defrag1

. Defrag
system tools . Smart Defrag
.

.
restart .
1. www.iobit.com/iobitsmartdefrag.html

()Portable

.

.
...
.

.
:
.
.
130
.
: 2 4 .
: Panda USB Vaccine
.
:
:
Google Chrome1

-
.
Firefox2
1. http://download.cnet.com/Google-Chrome-Portable
2. http://portableapps.com/apps/internet/firefox_portable
131
Opera1
Tor Browser Bundle2
1. http://www.opera.com/
2. https://www.torproject.org/about/overview.html.en
132
CCleaner1

. .
Recuva2

. .
1. http://static.piriform.com/pf/download.png
2. http://www.piriform.com/recuva/download/portable
133
7Zip1

.

.
ClamWin2

.

http://portableapps.com .
1. http://www.7-zip.org/download.html
2. http://downloads.sourceforge.net/clamwin/clamwin-0.97.5-setup.exe
134
Audacity1

. ...
.
VLC Player2
.

.
.
1. http://audacity.sourceforge.net/download/windows
2. http://www.videolan.org/vlc/download-windows.html
135
GIMP1

.

.
Skype2
portableapps .

.
.

.
1. http://portableapps.com/apps/graphics_pictures/gimp_portable
2. http://portableapps.com/apps/internet/skype_portable
136
Pidgin1 OTR
portableapps
OTR
.
. OTR
.
1. http://portableapps.com/apps/internet/pidgin_portable

h t t p : / / w w w. t a v a a n a . o r g
h t t p : / / w w w. e c i v i c e d . o r g

Advanced Cybersecurity - 0 امنیت دیجیتال PDF

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Advanced Cybersecurity - 0 امنیت دیجیتال PDF

Hochgeladen von

Copyright:

Verfügbare Formate

:

)ECCE) E-Collaborative for Civic Education

?Do you see the L

Ethernet sniffer Wireless sniffer

Bank of America 911

automatic crash recovery .

: Comodo Secure DNS

Microsoft Microsoft Safety Scanner .2

Bitdefender Online Bitdefender .3

Computer Associates Malware Scanner .4

F-Secure online scanner .7

.3 Avast! Free Antivirus

.4 Microsoft Security Essentials

.7 Adware Free Lavasoft

panda security Panda Cloud Antivirus Free Edition .8

Symantec Norton Power Eraser .9

Spybot - Search & Destroy .

Fix selected problems .

()Rogue security software

Norton Antibot Symantec

Reader Sharer Monkey :

Your Freedom JonDo

: User Action Classifier

: Photo DNA DNA

: Clickjacking Domain Reputation System

.9 Third Party Application

.14 Wall Wall

.15 social ads .

Norton Mobile Security

.1 SIM PIN Phone Security Code .

Panda USB Vaccine

Dropbox . Dropbox TrueCrypt

Tor Browser Bundle2

Das könnte Ihnen auch gefallen